nginx认证模块ngx_http_auth_basic_module
ngx_http_auth_basic_module模块基于“HTTP Basic Authentication“协议完成用户认证。模块指令:
auth_basic auth_basic_user_file这两个指令的应用范围:http,server,location,limit_except
示例:
location / { auth_basic "closedsite"; auth_basic_user_fileconf/htpasswd;}auth_basic指令:
语法:auth_basic string | off; 默认:auth_basic off;开启/关闭基于“HTTP Basic Authentication”协议的用户/密码认证。
auth_basic_user_file指令:
语法:auth_basic_user_file file; 默认:--用于指定保存用户名和密码的文件,注意文件权限。
文件格式为:
name1:password1name2:password2:commentname3:password3支持的密码类型:
[*]用crypt()函数加密,工具有htpasswd、openssl passwd
[*]使用基于md5的密码算法的Apache变体(apr1)
使用htpasswd实现nginx的认证
[*]安装htpasswd,htpasswd是apache提供的密码生成工具
yuminstall httpd-tools -y
[*]htpasswd用法
$ htpasswd -hhtpasswd:illegal option -- hUsage: htpasswd[-cimBdpsDv] [-C cost] passwordfile username htpasswd-b [-C cost] passwordfile username password htpasswd-n [-C cost] username htpasswd-nb [-C cost] username password-cCreatea new file.-nDon'tupdate file; display results on stdout.-bUsethe password from the command line rather than prompting for it.-iReadpassword from stdin without verification (for script usage).-mForceMD5 encryption of the password (default).-BForcebcrypt encryption of the password (very secure).-CSetthe computing time used for the bcrypt algorithm (higheris more secure but slower, default: 5, valid: 4 to 31).-dForceCRYPT encryption of the password (8 chars max, insecure).-sForceSHA encryption of the password (insecure).-pDonot encrypt the password (plaintext, insecure).-DDeletethe specified user.-vVerifypassword for the specified user.
[*]创建用户密码文件
$ htpasswd -c/etc/nginx/passwd.db xiaoming ###新创建密码文件New password:Re-type new password:Adding password for user xiaoming$ htpasswd/etc/nginx/passwd.db xiaoli ###添加新的用户New password:Re-type new password:Adding password for user xiaoli$ cat/etc/nginx/passwd.db ###查看文件内容格式xiaoming:$apr1$OlmGwtmd$kG6fmWrQzCWEJGT/uWXsJ.xiaoli:$apr1$UNkIjCHM$5h6Gigl1q.IZbq6yODzAv1
[*]配置nginx
location / { auth_basic "welcome"; auth_basic_user_file /etc/nginx/passwd.db;}
[*]访问相关内容的时候将会认证
使用对应的用户名密码可以登录访问。
路过帮顶!!!
路过帮顶!!!
页:
[1]